Mesos DNS API

ENTERPRISE

Discovering IP addresses and ports using Mesos DNA API

You can use the Mesos DNS API to discover the IP addresses and ports of other applications.

Routes

Access to the Mesos DNS API is proxied through the Admin Router on each node using the following route:

  1. curl -H "Authorization: token=<auth-token>" http://<public-master-ip>/mesos_dns/v1/

Access to the Mesos DNS API of the agent nodes is also proxied through the master nodes:

  1. curl -H "Authorization: token=<auth-token>" http://<public-master-ip>/system/v1/agent/{agent_id}/mesos_dns/v1/

Format

The Mesos DNS API request and response bodies are formatted in JSON.

Requests must include the accept header:

  1. Accept: application/json

Responses will include the content type header:

  1. Content-Type: application/json

Authorization Enterprise

All Mesos DNS API routes require authentication to use.

To authenticate API requests, see Obtaining an authentication token and Passing an authentication token.

The Mesos DNS API also requires authorization via the following permissions:

RoutePermission
/system/mesos_dns/v1/dcos:adminrouter:ops:mesos-dns
/system/v1/agent/{agent_id}/mesos_dns/v1/dcos:adminrouter:system:agent

All routes may also be reached by users with the dcos:superuser permission.

To assign permissions to your account, see the permissions reference.

Resources

Mesos-DNS implements a simple REST API for service discovery over HTTP. These examples assume you have an SSH connection to the node.

GET /v1/version

Lists in JSON format the Mesos-DNS version and source code URL.

  1. curl -H "Authorization: token=<auth-token>" http://<public-master-ip>/mesos_dns/v1/version

The output should resemble:

  1. {
  2. "Service": "Mesos-DNS",
  3. "URL": "https://github.com/mesosphere/mesos-dns",
  4. "Version": "dev"
  5. }

GET /v1/config

Lists in JSON format the Mesos-DNS configuration parameters.

  1. curl -H "Authorization: token=<auth-token>" http://<public-master-ip>/mesos_dns/v1/config

The output for DC/OS open source should resemble:

  1. {
  2. "RefreshSeconds": 30,
  3. "Port": 61053,
  4. "Timeout": 5,
  5. "StateTimeoutSeconds": 300,
  6. "ZkDetectionTimeout": 30,
  7. "HttpPort": 8123,
  8. "TTL": 60,
  9. "SOASerial": 1495828250,
  10. "SOARefresh": 60,
  11. "SOARetry": 600,
  12. "SOAExpire": 86400,
  13. "SOAMinttl": 60,
  14. "SOAMname": "ns1.mesos.",
  15. "SOARname": "root.ns1.mesos.",
  16. "Masters": null,
  17. "ZoneResolvers": {},
  18. "Resolvers": [
  19. "169.254.169.253"
  20. ],
  21. "IPSources": [
  22. "host",
  23. "netinfo"
  24. ],
  25. "Zk": "zk://zk-1.zk:2181,zk-2.zk:2181,zk-3.zk:2181,zk-4.zk:2181,zk-5.zk:2181/mesos",
  26. "Domain": "mesos",
  27. "File": "/opt/mesosphere/etc/mesos-dns.json",
  28. "Listener": "0.0.0.0",
  29. "HTTPListener": "0.0.0.0",
  30. "RecurseOn": true,
  31. "DnsOn": true,
  32. "HttpOn": true,
  33. "ExternalOn": true,
  34. "EnforceRFC952": false,
  35. "SetTruncateBit": false,
  36. "EnumerationOn": true,
  37. "MesosHTTPSOn": false,
  38. "CACertFile": "",
  39. "CertFile": "",
  40. "KeyFile": "",
  41. "MesosCredentials": {
  42. "Principal": "",
  43. "Secret": ""
  44. },
  45. "IAMConfigFile": "",
  46. "MesosAuthentication": ""
  47. }

The output for Entperise DC/OS should resemble:

  1. {
  2. "RefreshSeconds": 30,
  3. "Port": 61053,
  4. "Timeout": 5,
  5. "StateTimeoutSeconds": 300,
  6. "ZkDetectionTimeout": 30,
  7. "HttpPort": 8123,
  8. "TTL": 60,
  9. "SOASerial": 1495828138,
  10. "SOARefresh": 60,
  11. "SOARetry": 600,
  12. "SOAExpire": 86400,
  13. "SOAMinttl": 60,
  14. "SOAMname": "ns1.mesos.",
  15. "SOARname": "root.ns1.mesos.",
  16. "Masters": null,
  17. "ZoneResolvers": {},
  18. "Resolvers": [
  19. "169.254.169.253"
  20. ],
  21. "IPSources": [
  22. "host",
  23. "netinfo"
  24. ],
  25. "Zk": "zk://zk-1.zk:2181,zk-2.zk:2181,zk-3.zk:2181,zk-4.zk:2181,zk-5.zk:2181/mesos",
  26. "Domain": "mesos",
  27. "File": "/opt/mesosphere/etc/mesos-dns-enterprise.json",
  28. "Listener": "0.0.0.0",
  29. "HTTPListener": "127.0.0.1",
  30. "RecurseOn": true,
  31. "DnsOn": true,
  32. "HttpOn": true,
  33. "ExternalOn": true,
  34. "EnforceRFC952": false,
  35. "SetTruncateBit": false,
  36. "EnumerationOn": true,
  37. "MesosHTTPSOn": true,
  38. "CACertFile": "/run/dcos/pki/CA/certs/ca.crt",
  39. "CertFile": "/run/dcos/pki/tls/certs/mesos-dns.crt",
  40. "KeyFile": "/run/dcos/pki/tls/private/mesos-dns.key",
  41. "MesosCredentials": {
  42. "Principal": "",
  43. "Secret": ""
  44. },
  45. "IAMConfigFile": "/run/dcos/etc/mesos-dns/iam.json",
  46. "MesosAuthentication": "iam"
  47. }

GET /v1/hosts/

Lists in JSON format the IP addresses that correspond to a hostname. It is the equivalent of a DNS A record lookup.

NOTE: The HTTP interface only resolves hostnames in the Mesos domain.

  1. curl -H "Authorization: token=<auth-token>" http://<public-master-ip>/mesos_dns/v1/hosts/nginx.marathon.mesos

The output should resemble:

  1. [
  2. {"host":"nginx.marathon.mesos.","ip":"10.249.219.155"},
  3. {"host":"nginx.marathon.mesos.","ip":"10.190.238.173"},
  4. {"host":"nginx.marathon.mesos.","ip":"10.156.230.230"}
  5. ]

GET /v1/services/

Lists in JSON format the hostname, IP address, and ports that correspond to a hostname. It is the equivalent of a DNS SRV record lookup.

NOTE: The HTTP interface only resolves hostnames in the Mesos domain.

  1. curl -H "Authorization: token=<auth-token>" http://<public-master-ip>/mesos_dns/v1/services/_nginx._tcp.marathon.mesos

The output should resemble:

  1. [
  2. {"host":"nginx-s2.marathon.mesos.","ip":"10.249.219.155","port":"31644","service":"_nginx._tcp.marathon.mesos."},
  3. {"host":"nginx-s1.marathon.mesos.","ip":"10.190.238.173","port":"31667","service":"_nginx._tcp.marathon.mesos."},
  4. {"host":"nginx-s0.marathon.mesos.","ip":"10.156.230.230","port":"31880","service":"_nginx._tcp.marathon.mesos."}
  5. ]